This chapter serves as a guide for administrators and people installing the product to securely configure Oracle Retail Point-of-Service. To see a broader spectrum of suggested security-related practices for this application, see the Oracle Retail POS Suite Security Guide.
Note: All the Oracle Retail POS Suite applications should follow the same practices for configuring a secure environment.
This chapter is intended for security administrators and people installing the products who will deploy and configure the Oracle Retail POS Suite applications. These users perform the following tasks:
Install and deploy the applications
Configure the applications
Apply patches to the applications
It is assumed that the readers of this chapter have a general knowledge of administering the underlying technologies and the application.
This chapter begins with the operating system and moves through the supporting middleware to the application, and its connections with other resources.
Note: The options set by default for the installer are the most secure selection. If you choose to not use any of the default selections, you need to consider the implications of that change on the security of your installed product.
Any references to Payment Card Industry Data Security Standard (PCI-DSS) requirements are from PCI-DSS version 3.0.
To see the operating systems supported for this release of Point-of-Service, see Chapter 1.
The Oracle Retail POS Suite applications do not rely on unsecured services or protocols. If the retailer or systems integrator customizes or extends the applications, these extensions must not rely on unsecured services or protocols.
For more information about securing services and protocols, see the Oracle Retail POS Suite Security Guide.
The Center for Internet Security has published benchmarks for securing your systems at the operating system level. You can find the benchmarks at the following links:
Microsoft Windows Server 2012
http://benchmarks.cisecurity.org/en-us/?route=downloads.browse.category.benchmarks.os.windows.2012
SUSE Linux (SLEPOS)
http://benchmarks.cisecurity.org/en-us/?route=downloads.browse.category.benchmarks.os.linux.suse
Apple iOS
http://benchmarks.cisecurity.org/downloads/browse/index.cfm?category=benchmarks.mobile.iphone
Google Android
http://benchmarks.cisecurity.org/downloads/browse/index.cfm?category=benchmarks.mobile.android
To see the database and application server supported for this release of Point-of-Service, see Chapter 1.
For recommendations on securing the database as well as JDBC communications between the POS Suite applications and the database, see the Oracle Retail POS Suite Security Guide.
Do not store sensitive data on Internet-accessible systems. For example, your web server and database server must not be on the same physical server. Oracle Retail POS Suite applications do not require the database server and web server to be hosted on the same physical server machine.
For information about secure configuration of Oracle Database, see the Oracle Database 2 Day + Security Guide. The guide is available at the following link on the Oracle Technology Network web site:
http://docs.oracle.com/database/121/TDPSG/toc.htm
Secure JMS messaging configuration is specific to the application server. For information about securing the JMS messaging, see the Oracle Retail POS Suite Security Guide.
The Oracle Retail POS Suite applications do not permit a user to send unencrypted sensitive data by end-user messaging technologies, such as e-mail. If you customize an application to permit sending sensitive data by end-user messaging technologies, you must use a solution that renders the sensitive data unreadable or implements strong cryptography.
The embedded Browser feature in Point-of-Service provides the facility to access a web URL within the application. Care must be taken that the URL set in the Point-of-Service Browser URL parameter is not a public e-mail web site.
The Oracle Retail POS Suite applications are designed to be easily integrated with an external key management service, selected by the retailer, for encryption and decryption of sensitive data. The Oracle Retail POS Suite applications perform no encryption, decryption, or key management. Many enterprise applications are available to perform those functions. Because of this, the applications require integration with a key management service in order to start properly.
The applications are designed to plug into a key management service with the addition of a thin layer that wraps the interface to a key manager of your choice, such as RSA. The adapter can be instantiated by an application framework such as Spring, so that it is easy to write and deploy an adapter for a different key manager without modifying application code. Point-of-Service provides an adapter for RSA Data Protection Manager. See the following file:
oracle.retail.stores.rsakeystore.rsainterface.RSAKeyStoreEncryptionService.java
This does not create a dependency on the RSA product, as a similar adapter could be developed for a different key management product. However, Point-of-Service is a Secured by RSA Certified Partner Solution, certified with RSA Data Protection Manager, as documented at the following web site:
https://gallery.emc.com/community/marketplace/rsa?view=overview
For information on installing Point-of-Service with the RSA Data Protection Manager, see "Check Java Key Manager Requirement" in Chapter 1.
For information on JCE, see "Install the Java Cryptography Extension (JCE)" in Chapter 3.
This section covers secure configuration that is recommended for all Oracle Retail POS Suite applications.
These technologies should be considered.
A credential store is used for the secure storage of application-to-application credentials. It is not used for storing user credentials. The credential store framework (CSF) API is used to access and perform operations on the credential store. CSF provides the following capabilities:
Enables the secure management of credentials.
Provides an API for the storage, retrieval, and maintenance of credentials.
Supports file-based, such as Oracle wallet, and LDAP-based credential management.
For information about the design of the credential store framework, see the Oracle Retail POS Suite Security Guide.
Except for Oracle Retail Mobile Point-of-Service, Oracle Retail POS Suite applications are not designed as wireless applications. Where wireless technology is used, you must adhere to PCI-DSS compliant wireless settings, per PCI-DSS Requirements 1.2.3, 2.1.1, and 4.1.1.
The Release 14.1 Oracle Retail POS Suite applications enable out-of-the-box audit logging by default. These logs should not be disabled.
Application log files are configurable. If you modify the settings, you must ensure they are compliant with PCI-DSS requirements 10.2 and 10.3.
The POS Suite applications implement automated audit trails for all system components to reconstruct the following events:
All actions taken by any individual with administrative privileges as assigned in the application
Access to application audit trails managed by or within the application
Invalid logical access attempts
Use of application's identification and authentication mechanisms
Initialization of the application audit logs
Creation and deletion of system-level objects within or by the application
The Release 14.1 Oracle Retail POS Suite applications implement an automated audit trail logging of various events happening on the system. The audit trail logging is configured in the log4j configuration file maintained for each application. The various events that need to be logged and the file where the audit logging information will be captured are configured in the log4j configuration file.
Caution: Do not comment out any of the entries or prevent the logging from occurring.
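One way to verify the caution above after a configuration change is to compare the deployed log4j file against a copy kept from installation and report every audit entry that has been dropped, silenced, or detached from its appender. This is an added example, not Oracle's code: it assumes the log4j 1.x XML format, and the logger and appender names in the constructed samples are hypothetical.

```python
import xml.etree.ElementTree as ET

# log4j 1.x levels, least to most restrictive; a higher rank logs fewer events.
RANK = {n: i for i, n in enumerate("ALL TRACE DEBUG INFO WARN ERROR FATAL OFF".split())}
NS = 'xmlns:log4j="http://jakarta.apache.org/log4j/"'

# Constructed samples; the logger and appender names are hypothetical.
BASELINE = f"""<log4j:configuration {NS}>
  <appender name="AUDIT_FILE" class="org.apache.log4j.RollingFileAppender"/>
  <logger name="example.audit.login"><level value="INFO"/><appender-ref ref="AUDIT_FILE"/></logger>
  <logger name="example.audit.admin"><level value="INFO"/><appender-ref ref="AUDIT_FILE"/></logger>
  <logger name="example.audit.param"><level value="INFO"/><appender-ref ref="AUDIT_FILE"/></logger>
</log4j:configuration>"""
DEPLOYED = f"""<log4j:configuration {NS}>
  <appender name="AUDIT_FILE" class="org.apache.log4j.RollingFileAppender"/>
  <!-- <logger name="example.audit.login"><level value="INFO"/><appender-ref ref="AUDIT_FILE"/></logger> -->
  <logger name="example.audit.admin"><level value="OFF"/><appender-ref ref="AUDIT_FILE"/></logger>
  <logger name="example.audit.param"><level value="INFO"/><appender-ref ref="AUDIT_FILE"/></logger>
</log4j:configuration>"""

def entries(xml_text):
    """Return {(kind, name): (level, appender refs)}; XML comments are not parsed,
    so a commented-out entry is simply absent from the result."""
    root, found = ET.fromstring(xml_text), {}
    for app in root.iter("appender"):
        found[("appender", app.get("name"))] = ("", set())
    for lg in root.iter("logger"):
        level = lg.find("level")
        value = level.get("value", "").upper() if level is not None else ""
        refs = {r.get("ref") for r in lg.findall("appender-ref")}
        found[("logger", lg.get("name"))] = (value, refs)
    return found

def weakened(baseline_xml, deployed_xml):
    """List baseline entries that the deployed file drops, silences, or detaches."""
    base, dep, findings = entries(baseline_xml), entries(deployed_xml), []
    for (kind, name), (b_level, b_refs) in sorted(base.items(), key=lambda kv: kv[0]):
        if (kind, name) not in dep:
            findings.append(f"{kind} {name}: missing or commented out")
            continue
        d_level, d_refs = dep[(kind, name)]
        if RANK.get(d_level, -1) > RANK.get(b_level, -1):
            findings.append(f"{kind} {name}: level raised from {b_level} to {d_level}")
        if b_refs - d_refs:
            findings.append(f"{kind} {name}: appender-ref removed: {sorted(b_refs - d_refs)}")
    return findings

if __name__ == "__main__":
    print("\n".join(weakened(BASELINE, DEPLOYED)))
```

An empty result means every audit entry from the baseline is still present at the same or a more verbose level.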
For each event, the Oracle Retail Audit log service logs the point of origination of the event. In addition, the audit log framework logs the initialization of the audit log itself.
The log files are created with the following names and in the following locations:
File Name: audit.log
Location (in each register):
<POS_install_directory>\<client>\pos\logs
The following events should be captured at the system level:
Login or logoff
Start or stop a process
Use of user rights
Account administration
Change the security policy
Restart and shut down the system
USB events and Mount and Unmount events
Access a file or directory (create a file, remove a file, read a file, or change file descriptors)
Various tools are available to collect audit trail information. Audit trails should be maintained for the applications and for external system events.
After installation, these settings should be used.
Set these application parameters before running Point-of-Service.
The Temporary Password Length parameter is used to determine the length of system generated temporary passwords. This parameter resides in the application XML parameter file.
Caution: This parameter can be set to generate passwords with a length between 7 and 12 characters. In order to comply with PCI-DSS section 8.2.3, the Oracle Retail POS Suite applications must not be modified to allow fewer than 7 characters.
The Oracle Retail POS Suite applications integrate through the use of web services. For information about securing this interface protocol, see the Oracle Retail POS Suite Security Guide.
This section covers scripts and utilities used after installation.
When installing an Oracle Retail POS Suite application, the installer creates the cwallet.sso file and stores application-to-application credentials that were entered in the installer windows in the file. If the credentials change once the application is installed, the cwallet.sso file must be updated with the new passwords.
The Wallet Management Tool is provided to update an existing credential and add a new credential in the wallet file. It prompts for the required information.
For information on using the Wallet Management Tool, see the Oracle Retail POS Suite Security Guide.
The Oracle Retail POS Suite applications come with stored procedures and scripts that permit a DBA to purge the databases of data that the retailer determines are no longer necessary to store. Access to these scripts should be restricted. For more information about the purge scripts, see the Oracle Retail POS Suite Security Guide.